I am looking for mtls on both aks and gke clusters with certmanager and I am also leveraging AWS private CA with it. I am stuck with an error of certificate generation. I created secret with aws access and secret keys. Post that I gave the clusterissuer and certificate request. However I see an error "Issuer not ready".
kubectl get certificate
NAME READY SECRET AGE
rsa-cert-4096 False pca-secret 43m
I checked the logs of certmanager but I dont see much information apart from below:
"cert-manager/certificates-trigger: Certificate must be re-issued" key="default/rsa-cert-4096" reason="MissingData" message="Issuing certificate as Secret does not contain a private key"